From 678d260cd19f95e71d99a9b9caeb95f6aa66991a Mon Sep 17 00:00:00 2001 From: Ben Hutchings Date: Sun, 15 Jun 2014 23:20:22 +0000 Subject: [PATCH] Explain the seccomp fix properly svn path=/dists/sid/linux/; revision=21443 --- debian/changelog | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/debian/changelog b/debian/changelog index 909c062ff..87dbea740 100644 --- a/debian/changelog +++ b/debian/changelog @@ -224,7 +224,8 @@ linux (3.14.7-1) UNRELEASED; urgency=medium - udeb: Add packages based on ppc64 configuration * netfilter: ipv4: defrag: set local_df flag on defragmented skb (regression in 3.14.5) - * [mips] asm: thread_info: Add _TIF_SECCOMP flag (Closes: #751417) + * [mips] seccomp: Check system calls whenever seccomp is enabled, + even if audit and trace are disabled (Closes: #751417) * auditsc: audit_krule mask accesses need bounds checking (CVE-2014-3917) * fs,userns: Change inode_capable to capable_wrt_inode_uidgid (CVE-2014-4014)